mirror of
https://gitlab.com/mbunkus/mkvtoolnix.git
synced 2024-10-22 07:21:21 +00:00
8a3c7197a2
The sps_t structure contains an array of 64 short_term_ref_pic_sets_t elements. Therefore at most 63 may be added to the base pointer short_term_ref_pic_sets for accessing one of those elements. Fixes the following test cases of #1780: explorer🆔000494,sig:11,src:001249,op:flip1,pos:63 explorer🆔000496,sig:06,src:001249,op:flip1,pos:92 explorer🆔000502,sig:06,src:001249,op:int8,pos:100,val:+32 explorer🆔000605,sig:11,src:001741,op:int32,pos:29,val:+0 explorer🆔000676,sig:06,src:002253,op:ext_AO,pos:101 explorer🆔000784,sig:11,src:002818,op:ext_AO,pos:103 explorer🆔000830,sig:11,src:003020,op:flip1,pos:103 explorer🆔000831,sig:11,src:003020,op:flip1,pos:104 explorer🆔000834,sig:11,src:003020,op:havoc,rep:2 explorer🆔000882,sig:11,src:003246,op:flip1,pos:123 explorer🆔000884,sig:11,src:003246,op:int8,pos:121,val:-128 explorer🆔000886,sig:06,src:003248,op:flip1,pos:106 explorer🆔000935,sig:11,src:003528,op:flip4,pos:130 explorer🆔000936,sig:11,src:003528,op:flip32,pos:127 explorer🆔000937,sig:11,src:003528,op:arith8,pos:130,val:+5 explorer🆔000938,sig:11,src:003528,op:int32,pos:127,val:+100 explorer🆔000939,sig:11,src:003528,op:int32,pos:128,val:+1 explorer🆔000974,sig:11,src:003742,op:flip1,pos:123 explorer🆔000975,sig:11,src:003746,op:flip1,pos:130 explorer🆔000976,sig:11,src:003746,op:flip1,pos:130 explorer🆔000977,sig:11,src:003746,op:flip1,pos:133 explorer🆔000978,sig:11,src:003746,op:flip1,pos:133 explorer🆔000979,sig:11,src:003746,op:flip2,pos:134 explorer🆔000980,sig:11,src:003746,op:arith8,pos:133,val:-3 explorer🆔001003,sig:11,src:003976,op:flip1,pos:127 explorer🆔001019,sig:11,src:004180,op:flip1,pos:9 explorer🆔001020,sig:11,src:004180,op:int32,pos:143,val:be:+1 explorer🆔001021,sig:11,src:004180,op:havoc,rep:2
41 lines
1.9 KiB
Ruby
Executable File
41 lines
1.9 KiB
Ruby
Executable File
#!/usr/bin/ruby -w
|
|
|
|
# T_559segfaults_issue_1780_part_2
|
|
describe "mkvmerge / various test cases for segfaults collected in issue 1780 part 2"
|
|
|
|
dir = "data/segfaults-assertions/issue-1780"
|
|
|
|
# "HEVC parser: fix invalid memory access beyond the end of allocated space"
|
|
%w{
|
|
explorer:id:000494,sig:11,src:001249,op:flip1,pos:63
|
|
explorer:id:000496,sig:06,src:001249,op:flip1,pos:92
|
|
explorer:id:000502,sig:06,src:001249,op:int8,pos:100,val:+32
|
|
explorer:id:000605,sig:11,src:001741,op:int32,pos:29,val:+0
|
|
explorer:id:000676,sig:06,src:002253,op:ext_AO,pos:101
|
|
explorer:id:000784,sig:11,src:002818,op:ext_AO,pos:103
|
|
explorer:id:000830,sig:11,src:003020,op:flip1,pos:103
|
|
explorer:id:000831,sig:11,src:003020,op:flip1,pos:104
|
|
explorer:id:000834,sig:11,src:003020,op:havoc,rep:2
|
|
explorer:id:000882,sig:11,src:003246,op:flip1,pos:123
|
|
explorer:id:000884,sig:11,src:003246,op:int8,pos:121,val:-128
|
|
explorer:id:000886,sig:06,src:003248,op:flip1,pos:106
|
|
explorer:id:000935,sig:11,src:003528,op:flip4,pos:130
|
|
explorer:id:000936,sig:11,src:003528,op:flip32,pos:127
|
|
explorer:id:000937,sig:11,src:003528,op:arith8,pos:130,val:+5
|
|
explorer:id:000938,sig:11,src:003528,op:int32,pos:127,val:+100
|
|
explorer:id:000939,sig:11,src:003528,op:int32,pos:128,val:+1
|
|
explorer:id:000974,sig:11,src:003742,op:flip1,pos:123
|
|
explorer:id:000975,sig:11,src:003746,op:flip1,pos:130
|
|
explorer:id:000976,sig:11,src:003746,op:flip1,pos:130
|
|
explorer:id:000977,sig:11,src:003746,op:flip1,pos:133
|
|
explorer:id:000978,sig:11,src:003746,op:flip1,pos:133
|
|
explorer:id:000979,sig:11,src:003746,op:flip2,pos:134
|
|
explorer:id:000980,sig:11,src:003746,op:arith8,pos:133,val:-3
|
|
explorer:id:001003,sig:11,src:003976,op:flip1,pos:127
|
|
explorer:id:001019,sig:11,src:004180,op:flip1,pos:9
|
|
explorer:id:001020,sig:11,src:004180,op:int32,pos:143,val:be:+1
|
|
explorer:id:001021,sig:11,src:004180,op:havoc,rep:2
|
|
}.each do |file|
|
|
test_merge "#{dir}/#{file}", :exit_code => :error
|
|
end
|